How to Dev - Example: Get access token via refresh token

×

Warning message

  • You can't delete this newsletter because it has not been sent to all its subscribers.
  • You can't delete this newsletter because it has not been sent to all its subscribers.

 

To get access token using the refresh token acquired during authentication the following REST API is available:

POST https://www.snap4city.org/auth/realms/master/protocol/openid-connect/token

Content-Type: application/x-www-form-urlencoded

grant_type=refresh_token&client_id=xxx&refresh_token=…refresh token…

 

Return 200 if the refresh token is valid, access token is returned

{

    "access_token": "…",

    "expires_in": 1500,

    "refresh_expires_in": 2073600,

    "refresh_token": "…",

    "token_type": "bearer",

    "not-before-policy": 0,

    "session_state": "…"

}

 

Return 400 if the refresh token is not valid or the client_id is not present

{

    "error": "invalid_grant",

    "error_description": "Invalid refresh token"

}

Note: each authentication request creates a new session on keycloak, it is better to use the refresh token to create a new access token, it is more secure (no need to store user name and password)